繞過 Screensaver Lock 的有趣話題… – Gea-Suan Lin's BLOG
source link: https://blog.gslin.org/archives/2021/01/22/9930/%e7%b9%9e%e9%81%8e-screensaver-lock-%e7%9a%84%e6%9c%89%e8%b6%a3%e8%a9%b1%e9%a1%8c/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
繞過 Screensaver Lock 的有趣話題...
在 Hacker News Daily 上看到「Screensaver lock by-pass via the virtual keyboard」這篇,裡面這邊題到了 screensaver lock 的有趣話題。
先講嚴肅一點的,這個 bug 被編號為 CVE-2020-25712,問題出在 xorg-x11-server 上:
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
比較有趣的事情是,這個 bug 是小朋友在亂玩時拉出 virtual keyboard 觸發的:
A few weeks ago, my kids wanted to hack my linux desktop, so they typed and clicked everywhere, while I was standing behind them looking at them play... when the screensaver core dumped and they actually hacked their way in! wow, those little hackers...
然後他說他自己搞不出來:
I tried to recreate the crash on my own with no success, maybe because it required more than 4 little hands typing and using the mouse on the virtual keyboard.
另外一個人也說他家小朋友也弄出 segfault 了:
My kids came upon a similar cinnamon-screensaver segfault! I've emailed details of how to reproduce the problem to [email protected].
小朋友超強 XDDD
Related
CVE-2018-14665:setuid 複寫檔案的 security issue...
在 Twitter 上看到的 security issue,好久沒在這麼普及的軟體上看到這種 bug 了: #CVE-2018-14665 - a LPE exploit via https://t.co/eax3fvaAjE fits in a tweetcd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;suOverwrite shadow (or any) file on most Linux, get root privileges. *BSD and any other Xorg desktop also affected.— Hacker Fantastic (@hackerfantastic) October 25, 2018 在…
October 28, 2018In "Computer"
不停機把 server 搬到兩百米外的機房
在 Hacker News Daily 上看到的有趣故事,作者在 Reddit 上描述怎麼不停機把實體的伺服器搬到兩百米外的機房,中間還經過了停車場:「[Rant... sorta] Physically moved a server today...」,另外作者的 FAQ 在「[FAQ][Rant... sorta] Physically moved a server today...」這邊可以看到。 我會把這個當故事看一看就好,裡面還是有一些細節沒有被敘述 (像是網路不斷線的部份),感覺不太對,但就一個故事來看是蠻有趣的 XD 搬運的過程中間包括了使用 UPS 與多顆 switch 對接,另外中間經過一個停車場,算是很有趣的方式?
August 7, 2020In "Computer"
最近很少寫 Blog (程式沒寫幾行,倒是一堆行政上面的事情),不過 Twitter 上倒是常常念。 最近忙一些事情,像是寫不完的採購簽呈 (還好有一部分交給 slzzp 了),然後是開不完的會,如果要抽時間寫程式的話,就得在一般人下班後才有空了... 不管怎麼樣,最近看 jnlin 玩,以及我自己玩一些東西,有些有趣的想法,寫下來紀錄起來。 FreeBSD 7.0 的 SCHED_ULE 長期觀察下來 (超過兩個月) 算是相當穩定,這點在目前 PIXNET 的 Web Server 端可以看出來 (在 FreeBSD 跑 apache22 event 是使用 threading,配合 FastCGI 跑 PHP),但 gjournal 與 ZFS 在效率以及穩定度上都還不堪使用。(指 heavy I/O) MyISAM 的讀取速度非常快,但不利於大量 Update (因為寫入的動作需要 table lock)。在國外的討論裡,一般都是推薦使用 InnoDB 解決這類 table 的情況,但實際上目前…
March 6, 2008In "Computer"
Author Gea-Suan LinPosted on January 22, 2021Categories Computer, Joke, Linux, Murmuring, OS, Recreation, Security, SoftwareTags buffer, bypass, cve, flaw, hack, hacker, heap, keyboard, kid, linux, lock, locker, overflow, screensaver, security, segfault, server, virtual, x11, xorgLeave a Reply Cancel reply
Your email address will not be published. Required fields are marked *
Comment
Name *
Email *
Website
Notify me of follow-up comments by email.
Notify me of new posts by email.
Post navigation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK